﻿using System;
using System.Data;
using System.Configuration;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Net;
using System.Text;
using System.Net.Mail;


namespace myScheduler
{
    public class RegistrationModel
    {
        SQLcontrol SQLcontroller = new SQLcontrol();

        public string RegisterUser(string username, string pwd1, string pwd2, string email, string studentId)
        {
            //check is password is okay
            if (pwd1==pwd2 && pwd1!="")
            {
                bool flagError = false;
                //check is user exist
                if (verifyExistingUser(username))
                    flagError = true;
                //check is email exist
                if (verifyExistingEmail(email))
                    flagError = true;

                if (flagError)
                {
                    return "User or email already exists";
                }
                else
                {
                    string sql = SQLcontroller.ReadSQLscript("addUser.sql");
                    sql = sql.Replace("$USER", username);
                    sql = sql.Replace("$PASS", EncryptPwd(pwd1));
                    sql = sql.Replace("$EMAIL", email);
                    sql = sql.Replace("$ID", studentId);
                    sql = sql.Replace("$TYPE", "1");
                    SQLcontroller.SQLwrite(sql);
                    SendRegistrationEmail(email, username);
                    return "Registration Successful. You may now login on the main page.";
                }
            }
            else
            {
                return "Passwords do not match or is empty";
            }
        }

        bool verifyExistingUser(string username)
        {
            DataSet reader = new DataSet();
            string sql = "SELECT * FROM Users WHERE username = '" + username + "'";
            DataTable SQLdata; // = new DataTable();
            SQLdata = SQLcontroller.SQLread(sql).Tables[0];
            if (SQLdata.Rows.Count > 0)
            {
                return true;
            }
            else
            {
                return false;
            }
        }

        bool verifyExistingEmail(string email)
        {
            DataSet reader = new DataSet();
            string sql = "SELECT * FROM Users WHERE email = '" + email + "'";
            DataTable SQLdata; // = new DataTable();
            SQLdata = SQLcontroller.SQLread(sql).Tables[0];
            if (SQLdata.Rows.Count > 0)
            {
                return true;
            }
            else
            {
                return false;
            }
        }

        protected string EncryptPwd(string originalPwd)
        {
            MD5 crypto_Service = new MD5CryptoServiceProvider();
            return BitConverter.ToString(crypto_Service.ComputeHash(ASCIIEncoding.Default.GetBytes(originalPwd)));
        }

        protected void SendRegistrationEmail(string email, string userIn)
        {
            MailMessage mail = new MailMessage();
            mail.To.Add(email);
            mail.From = new MailAddress("admin@341.atsebak.com");
            mail.Subject = "mYScheduler Registration Confirmation";
            mail.Body = "Thank You for registering to the Concordia University mYScheduler. Your username is: " + userIn + " Please report bugs and suggestions to admin@341.atsebak.com";
            mail.IsBodyHtml = true;
            SmtpClient smtp = new SmtpClient();
            smtp.Host = "mail.atsebak.com";
            smtp.Port = 587;
            smtp.UseDefaultCredentials = true;
            smtp.Credentials = new NetworkCredential("admin@341.atsebak.com", "softwareprocess");
            smtp.EnableSsl = false;
            smtp.Send(mail);
        }
    }
}